Microsoft Windows Security Updates For May 2020

The information below is provided to us via Microsoft and GHacks.net

Download the following Excel spreadsheet to your device; it contains a list of all security updates that Microsoft released on the May 2020 Patch Day for all of its products. Click on the following link to download the spreadsheet: security-updates-windows-may-2020

Executive Summary

• Microsoft released security updates for all supported versions of Windows (client and server).
• Security updates are also available for Microsoft Edge (new and old), Internet Explorer, Microsoft Office, Windows Defender, Visual Studio, Microsoft Dynamics, .Net Framework and Core, Power BI.

Operating System Distribution

• Windows 7  (extended support only): 26 vulnerabilities: 1 critical and 26 important
  • CVE-2020-1153 | Microsoft Graphics Components Remote Code Execution Vulnerability
• Windows 8.1: 30 vulnerabilities: 2 rated critical and 28 rated important
  • CVE-2020-1136 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-1153 | Microsoft Graphics Components Remote Code Execution Vulnerability
• Windows 10 version 1803: 71 vulnerabilities: 5 critical and 66 important
  • CVE-2020-1136 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-1126 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-1117 | Microsoft Color Management Remote Code Execution Vulnerability
  • CVE-2020-1028 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-1153 | Microsoft Graphics Components Remote Code Execution Vulnerability
• Windows 10 version 1809: 75 vulnerabilities: 5 critical and 70 important
  • same as Windows 10 version 1803
• Windows 10 version 1903: 78 vulnerabilities: 5 critical and 73 important
  • same as Windows 10 version 1803
• Windows 10 version 1909: 
  • same as Windows 10 version 1903

Windows Server products

• Windows Server 2008 R2 (extended support only): 26 vulnerabilities, 1 critical, 25 important
  • CVE-2020-1153 | Microsoft Graphics Components Remote Code Execution Vulnerability
• Windows Server 2012 R2: 29 vulnerabilities: 2 critical and 27 important.
  • CVE-2020-1136 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-1153 | Microsoft Graphics Components Remote Code Execution Vulnerability
• Windows Server 2016: 61 vulnerabilities: 5 critical and 56 important.
  • CVE-2020-1136 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-1126 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-1153 | Microsoft Graphics Components Remote Code Execution Vulnerability
  • CVE-2020-1117 | Microsoft Color Management Remote Code Execution Vulnerability
  • CVE-2020-1028 | Media Foundation Memory Corruption Vulnerability
• Windows Server 2019: 75 vulnerabilities: 5 critical and 70 are important
  • same as Windows Server 2016

Other Microsoft Products

• Internet Explorer 11: 7 vulnerability: 3 critical, 4 important
  • CVE-2020-1062 | Internet Explorer Memory Corruption Vulnerability
  • CVE-2020-1093 | VBScript Remote Code Execution Vulnerability
  • CVE-2020-1064 | MSHTML Engine Remote Code Execution Vulnerability
• Microsoft Edge:  5 vulnerabilities: 3 critical, 2 important
  • CVE-2020-1065 | Scripting Engine Memory Corruption Vulnerability
  • CVE-2020-1037 | Chakra Scripting Engine Memory Corruption Vulnerability
  • CVE-2020-1056 | Microsoft Edge Elevation of Privilege Vulnerability
• Microsoft Edge on Chromium:
  • see here (latest security patches from the Chromium project)

Windows Security Updates

Windows 7 SP1 and Server 2008 R2

• Monthly Rollup support article: KB4556836
• Security-only Update support article: KB4556843

Changes, fixes, and improvements

• Kingdom of Morocco daylight saving time updates. (both)
• Security Updates. (both)
• Fixed an issue that prevented some apps from installing if they are published using a Group Policy Object.(Monthly Rollup)
• Fixed an issue that made Windows report the connection state of network interfaces incorrectly. (Monthly Rollup)

Windows 8.1 and Windows Server 2012 R2

• Monthly Rollup support article: KB4556846
• Security-only Update support article: KB4556853 

Changes, fixes, and improvements

• Kingdom of Morocco daylight saving time updates. (both)
• Security Updates. (both)
• Addressed an issue that causes offline file syncing to stop responding or fail in mobsyc.exe. (Monthly Rollup)

Windows 10 version 1803

• Support article: KB4556807

Changes, fixes, and improvements

• Kingdom of Morocco daylight saving time updates.
• Addressed an issue that prevents a call to NCryptGetProperty() from returning the correct pbOutput value when pszProperty is set to “Algorithm Group” and you are using a Trusted Platform Module (TPM) 1.2 device.
• Security Updates

Windows 10 version 1809

• Support article: KB4551853

Changes, fixes, and improvements

• Same as Windows 10 version 1803, plus
• Shell Launcher v2 added to “improve reliability and usability”.

Windows 10 version 1903 and 1909

• Support article: KB4556799

Changes, fixes, and improvements

• Kingdom of Morocco daylight saving time updates.
• Security Updates.

Other security updates

KB4556798 — Cumulative security update for Internet Explorer: May 12, 2020

KB4556840 — 2020-05 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4556852 — 2020-05 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4556853 — 2020-05 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2

KB4556854 — 2020-05 Security Only Quality Update for Windows Server 2008

KB4556860 — 2020-05 Security Monthly Quality Rollup for Windows Server 2008

KB4556804 — 2020-05 Cumulative Update for Windows 10 Version 1703

KB4556812 — 2020-05 Cumulative Update for Windows 10 Version 1709

KB4556813 — 2020-05 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607

KB4556826 — 2020-05 Cumulative Update for Windows 10 Version 1507

.NET

KB4552919 — 2020-05 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4552920 — 2020-05 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4552921 — 2020-05 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4552922 — 2020-05 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4552923 — 2020-05 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4552932 — 2020-05 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4552933 — 2020-05 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4552939 — 2020-05 Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4552940 — 2020-05 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4552946 — 2020-05 Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4552947 –2020-05 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4552951 — 2020-05 Security Only Update for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4552952 — 2020-05 Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4552953 — 2020-05 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4552958 — 2020-05 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4552959 — 2020-05 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4552961 — 2020-05 Security Only Update for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4552962 — 2020-05 Security Only Update for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4552963 — 2020-05 Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4552964 — 2020-05 Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4552965 — 2020-05 Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4552966 — 2020-05 Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4552967 — 2020-05 Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4552968 — 2020-05 Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4552979 — 2020-05 Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4552982 — 2020-05 Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4556399 — 2020-05 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4556400 — 2020-05 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4556401 — 2020-05 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4556402 — 2020-05 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4556403 — 2020-05 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4556404 — 2020-05 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4556405 — 2020-05 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4556406 — 2020-05 Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4552924 — 2020-05 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809

KB4552926 — 2020-05 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607

KB4552927 — 2020-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4552928 — 2020-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4552929 — 2020-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016 (1803)

KB4552930 — 2020-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809

KB4552931 — 2020-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909, Windows 10 Version 1909, Windows Server 2019 (1903), and Windows 10 Version 1903

KB4556441 — 2020-05 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809

KB4552925 — 2020-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 2004

Servicing Stack Updates

KB4555448 — 2020-05 Servicing Stack Update for Windows Server 2008

KB4555449 — 2020-05 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

Known Issues

Windows 7 SP1 

• Windows may show “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer” after installing the update.
  • This is expected if a) the device is not supported for ESU or b) if the ESU MAK add-on key is not installed or activated.

Windows 10 version 1809

• Devices with some Asian language packs installed may show the error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”.
  • Mitigation 1: Update and reinstall any recently installed language packs. Select Check for Updates in Windows Update to install the latest cumulative update.
  • Mitigation 2 (if 1 does not work): Reset the PC to an earlier version or restore a backup.

Security advisories and updates

ADV200004 | Availability of updates for Microsoft software utilizing the Autodesk FBX library

ADV200007 | OpenSSL Remote Denial of Service Vulnerability

Non-security related updates

KB4557900 — 2020-05 Update for Windows 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, Windows Server 2012, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB890830 — Windows Malicious Software Removal Tool

Microsoft Office Updates

You find Office update information here.

How to download and install the May 2020 security updates

Security updates for Windows are published via Windows Updates, other update management systems such as WSUS, as well as direct downloads on the Microsoft Update Catalog website.

We recommend that backups are created before updates are installed.

Do the following to check for new updates:

1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 and Server 2008 R2

• KB4556836 — 2020-05 Security Monthly Quality Rollup for Windows 7
• KB4556843 — 2020-05 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB4556846 — 2020-05 Security Monthly Quality Rollup for Windows 8.1
• KB4556853 — 2020-05 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

• KB4556807 — 2020-05 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1809)

• KB4551853 — 2020-05 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

• KB4556799 — 2020-5 Cumulative Update for Windows 10 Version 1903

Windows 10 (version 1909)

• KB4556799 — 2020-05 Cumulative Update for Windows 10 Version 1909

• About
• Latest Posts

David

I have been in the Information Technology industry for a little over a decade gaining a Bachelors degree in Information System Security and securing employment with various industries including Government, Financial, Healthcare, Corporate and the End User sectors.
I started Your Digital Mind in 2016as a way to share my love for Education, Technology and Science in an entertaining yet rewarding format. I hope you are learning and enjoying!

Latest posts by David (see all)

• iOS 16.4.1— Urgent Update Recommended - April 10, 2023
• SAML – What The Heck Is Security Assertion Markup Language? - April 6, 2023
• Employees Sharing Sensitive Business Data with ChatGPT Raises Security Concerns - March 30, 2023